On 07/12/03 at 15:01 -0400, Timothy Binder opined:
> On Saturday, July 12, 2003, at 02:13 PM, Global Homes Webmaster wrote:
>
> > I haven't run across this with Bigfoot specifically, but I have had
> > one or two users who regularly receive legitimate mail from
> > blacklisted IP ranges. If you know the IP address(es) for the
> > Bigfoot server(s), you can put them in your Client Hosts list,
> > which will override the blacklisting. As long as Bigfoot keeps
> > their server(s) locked down reasonably well (I don't know about
> > that one way or the other, but I suspect that they probably do),
> > that should not significantly increase your spam exposure.
>
> This scares me, as *any* message originating from their servers will be
> passed through your system, even to third parties.
This is why I included a caveat contingent on Bigfoot keeping their servers
locked down. Even so, the odds would seem a bit long that anyone would
discover that they could relay from Bigfoot, and only Bigfoot, through what
would be to them an essentially arbitrary third party host. As I said
before, I've used this approach in a couple of specific situations where
I'm comfortable with the administration of the hosts I'm allowing, and I
haven't seen any unwanted mail coming from those IPs. Bigfoot's gig is
providing e-mail services to the masses, so it should be in their best
interest to keep spam and other cruft out of their system as much as
possible. On the other hand, making a decision to locate the mail servers
for a major e-mail provider in part of the world that a large portion of
the rest of the world blacklists isn't necessarily the best testament to
their judgement.
> How about making the user's email address a white hole in the router,
> since she will be the only one receiving from Bigfoot:
>
> <[EMAIL PROTECTED]> = user
>
> Of course, this would remove spam protection from that user, but I
> think it's a price she may have to pay for using Bigfoot, given their
> current approach. It just seems a safer approach from the admin
> perspective.
I guess what it comes down to is that you have to weigh your confidence in
the system that you'd be allowing to relay against the annoyance to your
user of opening him/her up to _all_ the spam that comes down your pipe.
This is definitely something that has to be considered on a case by case
basis. As has been hinted at by everyone in this discussion, probably the
safest thing to do is to ignore the Bigfoot issue and encourage the user to
use an e-mail provider that does not choose to locate their servers in a
widely-blacklisted part of the 'net.
--
Christopher Bort | [EMAIL PROTECTED]
Webmaster, Global Homes | [EMAIL PROTECTED]
<http://www.globalhomes.com/>
#############################################################
This message is sent to you because you are subscribed to
the mailing list <[EMAIL PROTECTED]>.
To unsubscribe, E-mail to: <[EMAIL PROTECTED]>
To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]>
To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]>
Send administrative queries to <[EMAIL PROTECTED]>
